Overview

URL: treatyland.com/dhl_nextt_online_public/ZustellinfoDHL_Mitteilungen_8445438742.zip
IP: 198.54.114.136
ASN:
Location: United States
Report completed: 2019-03-19 10:08:32 CET
urlquery Alerts: No alerts detected


Settings

UserAgent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer:
Pool:
Access Level:


Intrusion Detection Systems

Suricata w/ Emerging Threats Pro: No alerts detected


Blacklists

MDL: No alerts detected
OpenPhish: No alerts detected
PhishTank: No alerts detected
Fortinet's Web Filter:
  Added / Verified | Severity | Host | Comment
  2019-03-19 | 2 | treatyland.com/dhl_nextt_online_public/ZustellinfoDHL_Mitteilungen_84454387 (...) | Malware
DNS-BH: No alerts detected
mnemonic secure dns: No alerts detected


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 198.54.114.136

Date | UQ / IDS / BL | URL | IP
2019-02-22 06:08:35 +0100 | 0 - 0 - 2 | fairmoon.net/ | 198.54.114.136
2019-01-29 16:00:49 +0100 | 0 - 0 - 1 | treatyland.com/dhl_nextt_online_public/Zustel (...) | 198.54.114.136
2018-12-18 18:48:45 +0100 | 0 - 0 - 1 | treatyland.com/dhl_nextt_online_public/Zustel (...) | 198.54.114.136
2018-09-25 23:42:49 +0200 | 0 - 0 - 4 | loquiereslotienesya.com/ | 198.54.114.136
2018-07-23 11:38:39 +0200 | 0 - 0 - 0 | hankesa.com/colier/dropbox/dlx/asset/jquery.js | 198.54.114.136
2018-06-04 23:43:29 +0200 | 0 - 0 - 2 | www.fairmoon.net/ | 198.54.114.136
2018-01-17 20:36:24 +0100 | 0 - 0 - 0 | infonavit.com | 198.54.114.136
2018-01-13 06:45:43 +0100 | 0 - 0 - 6 | loquiereslotienesya.com/ | 198.54.114.136
2017-10-30 09:44:41 +0100 | 0 - 0 - 7 | www.telanganauniversity.ac.in | 198.54.114.136
2017-10-17 05:26:20 +0200 | 0 - 0 - 0 | khulumaafrika.com | 198.54.114.136

Last 10 reports on ASN:

Date | UQ / IDS / BL | URL | IP
2019-04-23 14:54:15 +0200 | 0 - 0 - 0 | livestreamsportstv.com/Mixed-Doubles-Curling-2019/ | 198.54.115.66
2019-04-23 14:53:56 +0200 | 0 - 0 - 2 | zonamusicex.com/cloudnet.exe | 51.15.66.3
2019-04-23 14:53:31 +0200 | 0 - 0 - 1 | kqcxoy.com/ | 185.141.165.206
2019-04-23 14:53:22 +0200 | 0 - 0 - 1 | astrolites.com/ | 172.106.251.219
2019-04-23 14:53:21 +0200 | 0 - 0 - 14 | studioduofisio.com.br/ | 207.180.227.167
2019-04-23 14:53:19 +0200 | 0 - 0 - 1 | fuze-8852.gq/ | 51.158.191.165
2019-04-23 14:53:04 +0200 | 0 - 0 - 0 | livestreamsportstv.com/2019-Asian-Athletics/ | 198.54.115.66
2019-04-23 14:52:53 +0200 | 0 - 0 - 1 | fantasyforeigner.com/08_uzuki_l7_ngine_iagram_.pdf | 46.101.127.31
2019-04-23 14:52:52 +0200 | 0 - 0 - 1 | fantasyforeigner.com/_dvanced_ngineering_luid (...) | 46.101.127.31
2019-04-23 14:52:17 +0200 | 0 - 0 - 1 | fantasyforeigner.com/_avigation_anual_or_2011 (...) | 46.101.127.31

Last 2 reports on domain: treatyland.com

Date | UQ / IDS / BL | URL | IP
2019-01-29 16:00:49 +0100 | 0 - 0 - 1 | treatyland.com/dhl_nextt_online_public/Zustel (...) | 198.54.114.136
2018-12-18 18:48:45 +0100 | 0 - 0 - 1 | treatyland.com/dhl_nextt_online_public/Zustel (...) | 198.54.114.136


JavaScript

Executed Scripts (0)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (13)


Request Response
                                        
Request:
GET /dhl_nextt_online_public/ZustellinfoDHL_Mitteilungen_8445438742.zip HTTP/1.1
Host: treatyland.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
Response (198.54.114.136):
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
Date: Tue, 19 Mar 2019 09:08:00 GMT
Server: Apache
X-Powered-By: PHP/5.6.40
Vary: Accept-Encoding,Cookie
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: http://www.treatyland.com/dhl_nextt_online_public/ZustellinfoDHL_Mitteilungen_8445438742.zip
Content-Length: 0


--- Additional Info ---

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
Request:
GET /dhl_nextt_online_public/ZustellinfoDHL_Mitteilungen_8445438742.zip HTTP/1.1
Host: www.treatyland.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
Response (0.0.0.0):


--- Additional Info ---
                                        
Request:
GET / HTTP/1.1
Host: www.treatyland.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
Response (198.54.114.136):
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Date: Tue, 19 Mar 2019 09:08:24 GMT
Server: Apache
X-Powered-By: PHP/5.6.40
Vary: Accept-Encoding,Cookie
Cache-Control: max-age=3, must-revalidate
Content-Encoding: gzip
Content-Length: 13876


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   13876
Md5:    4c093db4a9212c643e27067083608315
Sha1:   7f6b47d94d0e00cf08717148ccf9bd251fbe19e5
Sha256: 4948fdbaa02990cc87056e602616b4d891b7192de40a09ab622f9c64bfc1a2eb
                                        
Request:
GET /wp-content/themes/twentyten/style.css HTTP/1.1
Host: www.treatyland.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.treatyland.com/

                                         
Response (198.54.114.136):
HTTP/1.1 200 OK
Content-Type: text/css
Date: Tue, 19 Mar 2019 09:08:24 GMT
Server: Apache
Last-Modified: Sat, 21 Jul 2018 10:28:56 GMT
Etag: "5d95-5717fe12b4f3f-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Wed, 18 Mar 2020 09:08:24 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5992


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   5992
Md5:    a097ed4f208e301d89e6c6d1b614b136
Sha1:   28e2e99123c392a2133e1e357f7f8c5e4a71771a
Sha256: 3565ae939a56bd1a6ef809efc50093ba6a2fb9c9c81b7aa1bd14dbd45821a0e9
                                        
Request:
GET /wp-content/plugins/wp-automatic/js/main-front.js?ver=5.1.1 HTTP/1.1
Host: www.treatyland.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.treatyland.com/

                                         
Response (198.54.114.136):
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Date: Tue, 19 Mar 2019 09:08:24 GMT
Server: Apache
Last-Modified: Sat, 21 Jul 2018 10:28:54 GMT
Etag: "378-5717fe11b0746-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Wed, 18 Mar 2020 09:08:24 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 338


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   338
Md5:    73ea2121c2858885a0dafe9505d03d98
Sha1:   6f28dcf06ffa85bc33200588dad42aab61dc2e93
Sha256: d02dbca340b42cdcc86ac5947cf4b9a86d07fde6d4f3462da28aeeca9d41f580
                                        
Request:
GET /wp-content/plugins/wp-automatic/css/wp-automatic.css?ver=5.1.1 HTTP/1.1
Host: www.treatyland.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.treatyland.com/

                                         
Response (198.54.114.136):
HTTP/1.1 200 OK
Content-Type: text/css
Date: Tue, 19 Mar 2019 09:08:24 GMT
Server: Apache
Last-Modified: Sat, 21 Jul 2018 10:28:54 GMT
Etag: "21f-5717fe11b035e-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Wed, 18 Mar 2020 09:08:24 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 256


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   256
Md5:    5e6d390a81f551681118bc830b6fc3d6
Sha1:   bebd211c06d81504b20a6bb43b33e18b98967589
Sha256: bd630b79d370ffc07d78e9473935a19dd76a56589047085039e11328a54b2e91
                                        
Request:
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1
Host: www.treatyland.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.treatyland.com/

                                         
Response (198.54.114.136):
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Date: Tue, 19 Mar 2019 09:08:24 GMT
Server: Apache
Last-Modified: Fri, 20 May 2016 15:41:28 GMT
Etag: "2748-53347ec8e5a00-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Wed, 18 Mar 2020 09:08:24 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4014


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   4014
Md5:    a6c81e2f02bd04160d2de88c4e8f3559
Sha1:   e3f3c91427d785820ca97dabe738f01faf041f36
Sha256: b734d83af5da0eb627e04d3e62ce652b9eb7de19667a1b91da6b93f0ea5d7ffe
                                        
Request:
GET /wp-includes/js/wp-emoji-release.min.js?ver=5.1.1 HTTP/1.1
Host: www.treatyland.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.treatyland.com/

                                         
Response (198.54.114.136):
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Date: Tue, 19 Mar 2019 09:08:24 GMT
Server: Apache
Last-Modified: Sat, 23 Feb 2019 15:05:04 GMT
Etag: "2f02-58291084e0820-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Wed, 18 Mar 2020 09:08:24 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4388


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   4388
Md5:    9485790a43704a2b24f7937f9bb60dd4
Sha1:   a8d3b551c2fd8fb6e02f80d4d7d8a5d240667202
Sha256: 2f5a5c36b845b3e8c4583884b8e487f6f62c2347df7d1960c4cb463d12df788d
                                        
Request:
GET /wp-includes/js/jquery/jquery.js?ver=1.12.4 HTTP/1.1
Host: www.treatyland.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.treatyland.com/

                                         
Response (198.54.114.136):
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Date: Tue, 19 Mar 2019 09:08:24 GMT
Server: Apache
Last-Modified: Sat, 23 Feb 2019 15:05:05 GMT
Etag: "17b9f-58291085372d8-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Wed, 18 Mar 2020 09:08:24 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 33766


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   33766
Md5:    ed4b26f09b9c4f4452a7edf9ba6acf98
Sha1:   7dd55dd1775c06dced30d252a273d021b5ab1b35
Sha256: 161d50f181043aea3b29b895db9629a21f56b224a6ea966fbd3e6fbb26ecfb39
                                        
Request:
GET /wp-includes/js/wp-embed.min.js?ver=5.1.1 HTTP/1.1
Host: www.treatyland.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.treatyland.com/

                                         
Response (198.54.114.136):
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Date: Tue, 19 Mar 2019 09:08:24 GMT
Server: Apache
Last-Modified: Thu, 13 Dec 2018 03:21:08 GMT
Etag: "57b-57cdece39e6d1-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Wed, 18 Mar 2020 09:08:24 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 753


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   753
Md5:    8151177dccb399a75164172bb63b0491
Sha1:   0a2a5bf7eaa29bb8690a657bbc982360802ab41b
Sha256: 71d58666e959b9ea4a90f83fa5926fced7f92c084a098ee23ec450054b7292a8
                                        
Request:
GET /wp-content/uploads/2017/07/cropped-cropped-header2.jpg HTTP/1.1
Host: www.treatyland.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.treatyland.com/

                                         
Response (198.54.114.136):
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Tue, 19 Mar 2019 09:08:24 GMT
Server: Apache
Last-Modified: Sat, 21 Jul 2018 10:28:56 GMT
Etag: "be24-5717fe12c9f2f"
Accept-Ranges: bytes
Content-Length: 48676
Cache-Control: max-age=31536000
Expires: Wed, 18 Mar 2020 09:08:24 GMT


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   48676
Md5:    124a68ba35e333d09d1fe8d5b821a600
Sha1:   a0d06807f33a1f2967bba630d63a924f1214edfc
Sha256: f2ad6c1c6bc1322992fdac9802913d29e510b5649f216d67c0962ad1b8ddd29b
                                        
Request:
GET /wp-content/themes/twentyten/images/wordpress.png HTTP/1.1
Host: www.treatyland.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.treatyland.com/wp-content/themes/twentyten/style.css

                                         
Response (198.54.114.136):
HTTP/1.1 200 OK
Content-Type: image/png
Date: Tue, 19 Mar 2019 09:08:25 GMT
Server: Apache
Last-Modified: Sat, 21 Jul 2018 10:28:56 GMT
Etag: "31a-5717fe12b4f3f"
Accept-Ranges: bytes
Content-Length: 794
Cache-Control: max-age=31536000
Expires: Wed, 18 Mar 2020 09:08:25 GMT


--- Additional Info ---
Magic:  PNG image, 16 x 16, 8-bit colormap, non-interlaced
Size:   794
Md5:    f51375d00e7d0a70c801c6256d432d3b
Sha1:   313aff1fffa73433673203db25ff4154d07511e2
Sha256: 61d00189e16b4ae467e9f3283ccf459d666950277c866c82f337534951b50f51
                                        
Request:
GET /favicon.ico HTTP/1.1
Host: www.treatyland.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
Response (198.54.114.136):
HTTP/1.1 200 OK
Content-Type: image/vnd.microsoft.icon
Date: Tue, 19 Mar 2019 09:08:25 GMT
Server: Apache
X-Powered-By: PHP/5.6.40
Content-Length: 0


--- Additional Info ---